Re: why not WPAD?
"Adrien de Croy" <adrien@qbik.com> Wed, 15 January 2014 21:41 UTC
Return-Path: <ietf-http-wg-request@listhub.w3.org>
X-Original-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Delivered-To: ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 95BE41AE416 for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 15 Jan 2014 13:41:17 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.44
X-Spam-Level:
X-Spam-Status: No, score=-7.44 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.538, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aTEbCmpMazad for <ietfarch-httpbisa-archive-bis2Juki@ietfa.amsl.com>; Wed, 15 Jan 2014 13:41:16 -0800 (PST)
Received: from frink.w3.org (frink.w3.org [128.30.52.56]) by ietfa.amsl.com (Postfix) with ESMTP id 0ECE01AE237 for <httpbisa-archive-bis2Juki@lists.ietf.org>; Wed, 15 Jan 2014 13:41:16 -0800 (PST)
Received: from lists by frink.w3.org with local (Exim 4.72) (envelope-from <ietf-http-wg-request@listhub.w3.org>) id 1W3YCA-0002kt-Rv for ietf-http-wg-dist@listhub.w3.org; Wed, 15 Jan 2014 21:40:18 +0000
Resent-Date: Wed, 15 Jan 2014 21:40:18 +0000
Resent-Message-Id: <E1W3YCA-0002kt-Rv@frink.w3.org>
Received: from maggie.w3.org ([128.30.52.39]) by frink.w3.org with esmtp (Exim 4.72) (envelope-from <adrien@qbik.com>) id 1W3YC3-0002jz-Iz for ietf-http-wg@listhub.w3.org; Wed, 15 Jan 2014 21:40:11 +0000
Received: from smtp.qbik.com ([210.55.214.35]) by maggie.w3.org with esmtp (Exim 4.72) (envelope-from <adrien@qbik.com>) id 1W3YC2-0006ZI-B9 for ietf-http-wg@w3.org; Wed, 15 Jan 2014 21:40:11 +0000
Received: From [192.168.0.38] (unverified [192.168.0.38]) by SMTP Server [192.168.0.1] (WinGate SMTP Receiver v8.1.0 (Build 4648)) with SMTP id <0019936381@smtp.qbik.com>; Thu, 16 Jan 2014 10:39:43 +1300
From: Adrien de Croy <adrien@qbik.com>
To: Peter Lepeska <bizzbyster@gmail.com>, "ietf-http-wg@w3.org" <ietf-http-wg@w3.org>
Date: Wed, 15 Jan 2014 21:39:42 +0000
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; format="flowed"; charset="utf-8"
In-Reply-To: <CANmPAYFXkhkqBcmLdeQxcN9REXcCOfbeE2oh-mVxtkFLA0b7ww@mail.gmail.com>
Message-Id: <em8a91594c-b5fe-48ee-a4d5-275eede2e87b@bodybag>
Mime-Version: 1.0
Reply-To: Adrien de Croy <adrien@qbik.com>
User-Agent: eM_Client/6.0.19714.0
Received-SPF: pass client-ip=210.55.214.35; envelope-from=adrien@qbik.com; helo=smtp.qbik.com
X-W3C-Hub-Spam-Status: No, score=-3.6
X-W3C-Hub-Spam-Report: AWL=-3.254, RP_MATCHES_RCVD=-0.325, SPF_PASS=-0.001
X-W3C-Scan-Sig: maggie.w3.org 1W3YC2-0006ZI-B9 1034358e5b940114a2e5d280aa7c023c
X-Original-To: ietf-http-wg@w3.org
Subject: Re: why not WPAD?
Archived-At: <http://www.w3.org/mid/em8a91594c-b5fe-48ee-a4d5-275eede2e87b@bodybag>
Resent-From: ietf-http-wg@w3.org
X-Mailing-List: <ietf-http-wg@w3.org> archive/latest/21813
X-Loop: ietf-http-wg@w3.org
Resent-Sender: ietf-http-wg-request@w3.org
Precedence: list
List-Id: <ietf-http-wg.w3.org>
List-Help: <http://www.w3.org/Mail/>
List-Post: <mailto:ietf-http-wg@w3.org>
List-Unsubscribe: <mailto:ietf-http-wg-request@w3.org?subject=unsubscribe>
Hi Peter in general, WPAD involves up to 4 different systems. DHCP DNS http server for WPAD.dat URL client (must be configured to use auto proxy detect) then there's the Proxy this is 4 places for failure in the WPAD setup. We find in practise deploying WPAD to be very problematic for customers. If however they could divert ports via the proxy, there's 1 system to enforce and advertise the requirements for connection, and it's the proxy. Therefore the proxy vendor has complete ability to develop and deploy all the necessary bits. Neither is it dependent on client config. Since clients may start their browsing with https, therefore there needs to be a way within TLS to advertise this. So actually I think the approach is a very good one, and stands to make life a great deal easier for all my customers in any case. Adrien ------ Original Message ------ From: "Peter Lepeska" <bizzbyster@gmail.com> To: "ietf-http-wg@w3.org" <ietf-http-wg@w3.org> Sent: 16/01/2014 08:09:14 Subject: why not WPAD? >Salvatore's recent draft on trusted proxies >(http://www.ietf.org/internet-drafts/draft-loreto-httpbis-trusted-proxy20-00.txt) >presents one approach for browsers to learn about the presence of >proxies, even when the browser is first using HTTPS to talk to the >Internet. > >But WPAD already exists for this purpose and all of the browsers >support it in one form or another -- chrome recently added support for >WPAD over DHCP as I understand it. I know there are implementation >problems with WPAD and proxy autoconfig but fundamentally what is >wrong with the approach of leveraging DHCP and DNS to discover proxies >and then relying on a simple javascript-based script to determine when >the proxy should be used? > >Is there something fatally flawed about the WPAD/PAC model for dynamic >proxy detection? If this topic is covered in another thread, please >send me a link to it. > >Thanks, > >Peter >
- why not WPAD? Peter Lepeska
- Re: why not WPAD? Martin Thomson
- Re: why not WPAD? Eliot Lear
- Re: why not WPAD? Adrien de Croy
- Re: why not WPAD? Peter Lepeska
- Re: why not WPAD? Peter Lepeska
- Re: why not WPAD? Adrien de Croy
- Re: why not WPAD? Amos Jeffries
- Re: why not WPAD? Adrien de Croy
- Re: why not WPAD? Nicolas Mailhot
- Re: why not WPAD? Nicolas Mailhot
- Re: why not WPAD? Nicolas Mailhot
- Re: why not WPAD? Adrien de Croy
- Re: why not WPAD? Peter Lepeska